In this lesson, we will discuss compliance as a topic and go over some examples of regulations, laws, and standards that many organizations need to comply with. We will also discuss a few roles and certifications associated with the field of compliance, as this is an area of cybersecurity that you don't hear much about.
Compliance can be a fairly involved concept. On the surface, it is just about an organization's adherence to the various laws, standards, regulations, and policies it is required to follow. On the other hand, it also invokes the ideas of being transparent about whether you follow these things, as well as proving that you follow these things.
In the field of GRC, compliance is where the rubber meets the road - organizations can claim they behave appropriately, and they can claim they manage risk, but compliance is where they prove that they do these things.
As a cybersecurity professional, you may not need to know every detail about these laws and regulations. However, it is important to be aware of them. Most have to do with privacy and security of information, essentially how we handle data.
You may recall that we previously discussed how we handle data and keep it secure. We also said that we want clients and partners to know that we take care to keep data secure in the way that we store it, transmit it, and even how we destroy it. We also talked about how we may have to follow certain rules around how long we keep data. These laws, regulations, and standards dictate a lot of the rules we must abide by, and cybersecurity is a big part of making that happen. We've mentioned some of these before, so this is also a bit of a review.
In this lesson, you learned about the compliance part of GRC. At this point, you should now have a basic understanding of several fundamental cybersecurity concepts. If you are completing this course as part of Cybrary's IT and Cybersecurity Foundations Career Path, you will soon have the opportunity to get hands-on with many of these concepts in the upcoming labs. Thanks for playing!